# Tool Installation Guide for MCP Pentest
## 🎯 Required Tools for Reconnaissance
### Network Scanning
```bash
# Nmap (essential for port scanning)
sudo apt update && sudo apt install -y nmap
# Masscan (high-speed port scanner)
sudo apt install -y masscan
```
### Subdomain Enumeration
```bash
# Subfinder
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
# Alternative if Go is not available:
wget https://github.com/projectdiscovery/subfinder/releases/download/v2.6.3/subfinder_2.6.3_linux_amd64.zip
unzip subfinder_2.6.3_linux_amd64.zip
sudo mv subfinder /usr/local/bin/
```
### Web Fuzzing & Directory Discovery
```bash
# ffuf (fast web fuzzer)
go install github.com/ffuf/ffuf/v2@latest
# wfuzz (alternative web fuzzer)
sudo apt install -y wfuzz
# gobuster (directory/file brute-forcer)
sudo apt install -y gobuster
# feroxbuster (fast content discovery)
wget https://github.com/epi052/feroxbuster/releases/latest/download/feroxbuster_amd64.deb
sudo dpkg -i feroxbuster_amd64.deb
# dirsearch (Python-based directory scanner)
git clone https://github.com/maurosoria/dirsearch.git
cd dirsearch && pip3 install -r requirements.txt
sudo ln -s "$(pwd)/dirsearch.py" /usr/local/bin/dirsearch
# dirb (classic directory brute-forcer)
sudo apt install -y dirb
```
## 🎯 Tools for Vulnerability Scanning
### Web Application Scanners
```bash
# Nuclei (modern vulnerability scanner)
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
# Update nuclei templates
nuclei -update-templates
# Nikto (web server scanner)
sudo apt install -y nikto
# SQLMap (SQL injection testing)
sudo apt install -y sqlmap
```
### Web Application Specific Scanners
```bash
# WPScan (WordPress scanner)
sudo gem install wpscan
# Droopescan (Drupal scanner)
pip3 install droopescan
# JoomScan (Joomla scanner)
git clone https://github.com/OWASP/joomscan.git
cd joomscan && sudo cp joomscan.pl /usr/local/bin/joomscan
sudo chmod +x /usr/local/bin/joomscan
```
## 🎯 Tools for Active Directory Testing
### SMB/NetBIOS Testing
```bash
# Samba client tools
sudo apt install -y smbclient
# enum4linux (SMB enumeration)
sudo apt install -y enum4linux
# crackmapexec (SMB pentesting)
python3 -m pip install crackmapexec
# smbmap (SMB share enumeration)
sudo apt install -y smbmap
# rpcclient (RPC client)
sudo apt install -y samba-common-bin
```
### Active Directory Tools
```bash
# BloodHound Python ingestor
pip3 install bloodhound
# ldapsearch (LDAP enumeration)
sudo apt install -y ldap-utils
# Kerberos tools
sudo apt install -y krb5-user
# impacket (AD toolkit)
pip3 install impacket
```
## 🎯 Wordlists (SecLists)
```bash
# SecLists (comprehensive wordlists)
sudo apt install -y seclists
# Or install manually (writing to /usr/share requires root):
sudo git clone https://github.com/danielmiessler/SecLists.git /usr/share/seclists
# Important SecLists locations used by MCP:
# /usr/share/seclists/Discovery/Web-Content/common.txt
# /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt
# /usr/share/seclists/Discovery/Web-Content/raft-medium-words.txt
```
## 🎯 Database Testing Tools
```bash
# MySQL client
sudo apt install -y mysql-client
# PostgreSQL client
sudo apt install -y postgresql-client
# MSSQL tools (optional)
curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
curl https://packages.microsoft.com/config/ubuntu/20.04/prod.list | sudo tee /etc/apt/sources.list.d/msprod.list
sudo apt update && sudo apt install -y mssql-tools unixodbc-dev
```
## 🎯 SNMP Testing
```bash
# SNMP utilities
sudo apt install -y snmp snmp-mibs-downloader
# onesixtyone (SNMP scanner)
sudo apt install -y onesixtyone
```
## 🎯 Parameter Extraction
```bash
# Katana (web crawling)
go install github.com/projectdiscovery/katana/cmd/katana@latest
# ParamSpider (parameter discovery)
git clone https://github.com/devanshbatham/ParamSpider
cd ParamSpider && pip3 install -r requirements.txt
```
## 🎯 Burp Suite Professional Integration
```bash
# Download Burp Suite Professional from PortSwigger
# https://portswigger.net/burp/releases/professional/latest
# Install into a common directory
sudo mkdir -p /opt/burpsuite_pro
# Place burpsuite_pro.jar in /opt/burpsuite_pro/
# Or download directly (requires a license):
# wget -O /opt/burpsuite_pro/burpsuite_pro.jar "https://portswigger.net/burp/releases/professional/latest/download"
# Install Java (required for Burp Suite)
sudo apt install -y openjdk-11-jdk
# Verify Java installation
java -version
```
### Burp Suite Configuration
```bash
# Supported JAR locations (auto-detection):
# /opt/burpsuite_pro/burpsuite_pro.jar
# /Applications/Burp Suite Professional.app/Contents/java/app/burpsuite_pro.jar (macOS)
# ~/BurpSuitePro/burpsuite_pro.jar
# ~/Downloads/burpsuite_pro.jar
# ./burpsuite_pro.jar
# Test Burp Suite manually:
java -jar /opt/burpsuite_pro/burpsuite_pro.jar --help
```
## 🎯 Additional Utilities
```bash
# curl (HTTP client)
sudo apt install -y curl
# jq (JSON processor)
sudo apt install -y jq
# dig & nslookup (DNS tools)
sudo apt install -y dnsutils
# netcat (network utility)
sudo apt install -y netcat-traditional
# hydra (brute force tool)
sudo apt install -y hydra
# medusa (alternative brute forcer)
sudo apt install -y medusa
```
## Quick Installation Script
Save this script as `install-pentest-tools.sh`:
```bash
#!/bin/bash
echo "Installing MCP Pentest Tools..."
# Update system
sudo apt update
# Essential tools
sudo apt install -y nmap masscan nikto sqlmap smbclient enum4linux \
    samba-common-bin ldap-utils krb5-user mysql-client postgresql-client \
    snmp snmp-mibs-downloader onesixtyone curl jq dnsutils netcat-traditional \
    hydra medusa wfuzz gobuster dirb seclists
# Go tools (requires Go to be installed)
if command -v go &> /dev/null; then
    echo "Installing Go-based tools..."
    go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
    go install github.com/ffuf/ffuf/v2@latest
    go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
    go install github.com/projectdiscovery/katana/cmd/katana@latest
    # Update nuclei templates
    nuclei -update-templates
else
    echo "⚠️ Go not found. Please install Go and run Go-based tool installation manually."
fi
# Python tools
pip3 install bloodhound impacket crackmapexec droopescan
# Ruby tools
if command -v gem &> /dev/null; then
    sudo gem install wpscan
else
    echo "⚠️ Ruby/gem not found. Please install Ruby and run: sudo gem install wpscan"
fi
echo "✅ Installation complete!"
echo "Run 'nuclei -update-templates' to update vulnerability templates"
echo "Configure API keys for enhanced results (subfinder, wpscan, etc.)"
```
## 🔧 Configuration Tips
### 1. **Subfinder API Keys** (for best results)
```yaml
# Edit ~/.config/subfinder/provider-config.yaml
shodan: ["your-shodan-api-key"]
censys: ["your-censys-api-key"]
virustotal: ["your-virustotal-api-key"]
```
### 2. **WPScan API Token**
```bash
# Register at wpscan.com for an API token
wpscan --url example.com --api-token YOUR_API_TOKEN
```
### 3. **Nuclei Templates**
```bash
# Update templates regularly
nuclei -update-templates
# Custom templates location
nuclei -t /path/to/custom/templates/
```
## ⚠️ Important Notes
1. **Permissions**: Some tools require sudo privileges
2. **SecLists**: Make sure the path `/usr/share/seclists/` is available
3. **Go Installation**: For Go-based tools, install Go first
4. **Legal**: Use only on systems you own or are authorized to test
## 🧪 Test Installation
To test whether all tools are installed correctly:
```bash
# Test basic tools
nmap --version
nuclei -version
ffuf -V
subfinder -version
sqlmap --version
```
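An added example, not part of the original guide: the version checks above cover five tools, so this script audits the rest of the toolchain, the three SecLists files, and the Linux Burp JAR locations listed earlier. The function names are hypothetical, the binary names for packaged tools (for example `kinit`, `psql`, `snmpwalk`) are assumptions about what those packages ship, and the Go bin fallback assumes the default `GOBIN`/`GOPATH` layout.

```bash
#!/usr/bin/env bash
# Added example (not from the guide): audit the toolchain this guide installs.
# Binary names for apt/pip packages (kinit, psql, snmpwalk, ...) are assumptions.
GUIDE_TOOLS="nmap masscan subfinder ffuf wfuzz gobuster feroxbuster dirsearch dirb
nuclei nikto sqlmap wpscan droopescan joomscan smbclient enum4linux crackmapexec
smbmap rpcclient bloodhound-python ldapsearch kinit mysql psql snmpwalk
onesixtyone katana curl jq dig nc hydra medusa java"
# SecLists files the guide lists as used by MCP, relative to the SecLists root.
GUIDE_WORDLISTS="Discovery/Web-Content/common.txt
Discovery/DNS/subdomains-top1million-110000.txt
Discovery/Web-Content/raft-medium-words.txt"
# Print each tool not runnable from PATH; flag binaries `go install` left in the Go bin dir.
missing_tools() {
  mt_gobin="${GOBIN:-${GOPATH:-$HOME/go}/bin}"
  for mt_t in "$@"; do
    command -v "$mt_t" >/dev/null 2>&1 && continue
    if [ -x "$mt_gobin/$mt_t" ]; then printf '%s (in %s, not on PATH)\n' "$mt_t" "$mt_gobin"
    else printf '%s\n' "$mt_t"; fi
  done
}
# Print each wordlist under root $1 that is absent or empty.
missing_wordlists() {
  mw_root=$1; shift
  for mw_f in "$@"; do
    [ -s "$mw_root/$mw_f" ] || printf '%s\n' "$mw_f"
  done
}
# Print the first existing file among the arguments; return 1 if none exists.
first_existing() {
  for fe_p in "$@"; do
    [ -f "$fe_p" ] && { printf '%s\n' "$fe_p"; return 0; }
  done
  return 1
}
# Full audit; $1 overrides the SecLists root. Returns non-zero if anything is missing.
audit_install() {
  ai_rc=0
  ai_m=$(missing_tools $GUIDE_TOOLS)
  [ -z "$ai_m" ] || { printf 'Not runnable from PATH:\n%s\n' "$ai_m"; ai_rc=1; }
  ai_w=$(missing_wordlists "${1:-/usr/share/seclists}" $GUIDE_WORDLISTS)
  [ -z "$ai_w" ] || { printf 'Missing SecLists files:\n%s\n' "$ai_w"; ai_rc=1; }
  first_existing /opt/burpsuite_pro/burpsuite_pro.jar "$HOME/BurpSuitePro/burpsuite_pro.jar" \
    "$HOME/Downloads/burpsuite_pro.jar" ./burpsuite_pro.jar >/dev/null ||
    { echo 'Burp JAR not found in the auto-detection paths'; ai_rc=1; }
  return "$ai_rc"
}

audit_install || echo 'Installation incomplete; see the list above.'
```

A tool reported as "not on PATH" is installed but unreachable; adding the Go bin directory to `PATH` resolves it without reinstalling.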
Happy Pentesting! 🎯